1. Home
  2. CVE Database
  3. CVE-2024-23245
LOW · 3.3

CVE-2024-23245

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy ...

Vulnerability Description

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy action from Automator to send events to apps without user consent.

CVSS Score

3.3

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
AppleMacos>= 12.0, < 12.7.4

References

FAQ

What is CVE-2024-23245?

CVE-2024-23245 is a vulnerability with a CVSS score of 3.3 (LOW). This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. Third-party shortcuts may use a legacy ...

How severe is CVE-2024-23245?

CVE-2024-23245 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-23245?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Macos.